Field of the Invention
The present invention relates to an information processing apparatus and a control method for an information processing apparatus.
Description of the Related Art
In a place like an office, apparatuses such as a personal computer (PC) and a server device (such as a file server and an authentication server) are connected to a network. It is desirable to use such apparatuses according to an information security policy determined for each office. The information security policy is a basic policy concerning information security of an entire company. The information security policy is a collection of policies for preventing use of information, an external invasion, and information leakage, and is established by an administrator who handles security.
This security policy covers a wide range of policies including, for example, a policy for requiring apparatuses to perform encryption communication, and a policy for allowing use of only an encryption algorithm with certain intensity or higher. The wide range of policies further include, for example, a policy for restricting use of a specific network port, and a policy for requiring confidential information to be stored in a hardware security chip.
Further, other than the PC and the server device, peripherals such as a multi function peripheral (MFP, or an image forming apparatus) may be provided as the apparatuses connected to the network in the office.
Recent multi function peripherals have been each configured to not only merely print and transmit images, but also store image data and provide a file service function to a PC. In other words, the multi function peripheral acts in a manner similar to other server devices present on a network. In addition, as for the recent multi function peripherals, application development environments have been open to the public, and applications developed by others have been used, as with PCs and the like.
To maintain a secure office environment, the multi function peripherals may be required to comply with the information security policy, as with PCs and server devices. Complying with the information security policy mentioned here refers to imposing restrictions on use in terms of security, to prevent unauthorized use and information leakage of multi function peripherals in an office.
One type of conventional system uses a multi function peripheral to which a security policy is applied, and has a security-policy verification unit for detecting incompliance with the security policy. In this type of system, when a violation of the security policy is detected, a unit for suspending access stops a function of an apparatus. Therefore, it is possible to suppress execution of operations that violate the security policy (e.g., Japanese Patent Application Laid-Open No. 2009-230178).
Meanwhile, some of the multi function peripherals may each be configured to be an apparatus to which an external apparatus having a security-related function is connected. Examples of the external apparatus include an external printing controller and an external hardware security chip. Some of such external apparatuses may each be configured as a fare-paying option of the multi function peripheral, and purchased/used by a user to add/expand a function.
There may be a case where an external apparatus not supporting a security policy is connected to a multi function peripheral in which the security policy is set. In this case, the security policy may be deactivated to give priority to use of a function of the external apparatus, so that convenience can be provided.
In this case, however, in a state of the external apparatus being connected, if the multi function peripheral is used without any restriction, in a specification mode different from a specification intended by an administrator, a problem may arise in terms of security.